Security update for openssl SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:2275-1 Final 1 1 2015-12-15T20:30:20Z current 2015-12-15T20:30:20Z 2015-12-15T20:30:20Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for openssl This update for openssl fixes the following issues: - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - Prevent segfault in s_client with invalid options (bsc#952099) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-openssl-12264,sdksp4-openssl-12264,sledsp3-openssl-12264,sledsp4-openssl-12264,slessp2-openssl-12264,slessp3-openssl-12264,slessp4-openssl-12264,slestso13-openssl-12264 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20152275-1/ Link for SUSE-SU-2015:2275-1 https://lists.suse.com/pipermail/sle-security-updates/2015-December/001735.html E-Mail link for SUSE-SU-2015:2275-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/952099 SUSE Bug 952099 https://bugzilla.suse.com/957812 SUSE Bug 957812 https://www.suse.com/security/cve/CVE-2015-3195/ SUSE CVE CVE-2015-3195 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Studio Onsite 1.3 libopenssl-devel-0.9.8j-0.80.1 libopenssl0_9_8-0.9.8j-0.80.1 libopenssl0_9_8-32bit-0.9.8j-0.80.1 openssl-0.9.8j-0.80.1 libopenssl0_9_8-hmac-0.9.8j-0.80.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 openssl-doc-0.9.8j-0.80.1 libopenssl0_9_8-x86-0.9.8j-0.80.1 libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 libopenssl-devel-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS libopenssl0_9_8-hmac-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS openssl-doc-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-hmac-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-x86-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssl-doc-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-hmac-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-x86-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openssl-doc-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-hmac-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-x86-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP4 openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP4 openssl-doc-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-hmac-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-x86-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openssl-doc-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libopenssl0_9_8-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libopenssl0_9_8-hmac-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libopenssl0_9_8-x86-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openssl-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openssl-doc-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libopenssl-devel-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 libopenssl-devel-0.9.8j-0.80.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libopenssl-devel-0.9.8j-0.80.1 as a component of SUSE Studio Onsite 1.3 The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. CVE-2015-3195 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Desktop 11 SP4:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Desktop 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Desktop 11 SP4:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libopenssl-devel-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libopenssl0_9_8-hmac-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP2-LTSS:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP2-LTSS:openssl-doc-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-0.9.8j-0.80.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssl-doc-0.9.8j-0.80.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.80.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.80.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.80.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152275-1/ https://www.suse.com/security/cve/CVE-2015-3195.html CVE-2015-3195 https://bugzilla.suse.com/923755 SUSE Bug 923755 https://bugzilla.suse.com/957812 SUSE Bug 957812 https://bugzilla.suse.com/957815 SUSE Bug 957815 https://bugzilla.suse.com/958768 SUSE Bug 958768 https://bugzilla.suse.com/963977 SUSE Bug 963977 https://bugzilla.suse.com/986238 SUSE Bug 986238